You're a winner!

In the past year, spammers are estimated to have raked in an estimated $780 million (532 million euros), and the financial crisis hasn't slowed them down either, according to experts concluding the two-day German Anti-Spam Congress in Wiesbaden on Wednesday.

More than a minor nuisance that has to be deleted daily, spam made up 85 percent of e-mail traffic over the first half of 2009, according to a report from the Kaspersky Lab.

Much of that spam mail may contain what's known as "bots" or "botnets" - special programs used by cyber criminals to control other people's computer and obtain valuable information without the machine's owner realizing the system has been taken over.

"A botnet is a network of compromised machines under a common control set," said Thorsten Holz from the University of Technology in Vienna, explaining how bots have become big money-makers for hordes of cyber criminals all over the world.

"The attacker can control hundreds, thousands, or even hundreds of thousands of machines and instruct them to send out spam e-mails or to perform some kind of so-called denial of service attack," he said.

File-sharing users at risk

As computer users become aware of the threat posed by such malicious programs, savvy cyber criminals are finding new ways to infect people's computers, according to Christian Funk, a virus analyst at the Kaspersky Lab.

"The classic way to get infected is probably by opening an attachment of a spam email," he said. "But people nowadays know that spam emails are often malicious; therefore, the cyber criminals move to other ways which are now more effective."

People who use peer-to-peer file sharing networks, like BitTorrent and eMule, are particularly vulnerable to attack, Funk said

"People who are using peer to peer networks are threatened because everyone can begin to distribute every kind of software or multimedia files - and the bad guys, of course, know that and they spread malicious files together with popular software or multimedia files," he said.

Once cyber criminals have infected the computer, programs can target specific confidential information they want, including: credit card numbers, financial information and e-mail passwords. The information can then be sold or used for criminal purposes. Once the data is compromised, it can be extremely difficult to track who stole it, Holz said.

"The main limiting factor is that the Internet is not local but distributed all across the world," he said. "It can be that the attacker, for example, is sitting in the US, that the control server via which the commands are made which are distributed to the infected machines are located in France, and the victim is in Germany."

The botnet business relies on the constant influx of new private data. The cost of stolen information depends on the victim's country of residence. Data on an EU resident is more valuable on the black market than a U.S. resident - eight dollars compared to five - because a European resident's data can be used in all EU countries.

Internet crime grew by 77 percent in 2008 when compared to 2007, according to statistics from the Germany's Federal Criminal Police Agency. Last year there were 16,400 registered cases of white-collared crime committed on the Internet, the agency said.

Many types of cyber crime

But not all cybercrime is based on identity theft. Botnets also play a major role in denial of service attacks where "zombie networks" of hijacked computers bombard a Web site or computer server with thousands of requests each minute. If the server unable to process all the information, it will deny service, blocking legitimate users as well.

About 190,000 denial of service attacks were carried out in 2008, according to shadowserver.org, a volunteer watchdog group of security professionals. The group estimated that rogue e-commerce merchants paid botnet operators a total of $20 million to perform the attacks, which were mainly intended to disable rival Web sites.

With millions of dollars at stake, cyber-security authorities and cyber criminals are locked in an arms race as users and companies try to secure their computers and criminals try to find news ways of breaking in, Holz said.

"For now the attackers probably have some small advantage because it’s hard to track them down," he said. "But I think in the next couple of years we will see some kind of movement that defenders can also keep up with the pace."

Vanessa Johnston (sms)

Editor: Trinity Hartman